DRUPAL-CONTRIB-2024-014
See a problem?- Import Source
- https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/symfony_mailer_lite/DRUPAL-CONTRIB-2024-014.json
- JSON Data
- https://api.osv.dev/v1/vulns/DRUPAL-CONTRIB-2024-014
- Aliases
-
- CVE-2024-13250
- Published
- 2024-02-28T18:36:35Z
- Modified
- 2025-12-10T23:41:32.057508Z
- Summary
- [none]
- Details
-
The module doesn’t sufficiently protect against malicious links, which means an attacker can trick an administrator into performing unwanted actions.
This vulnerability is mitigated by the fact that the set of unwanted actions is limited to specific configurations.
- References
- Credits
-
-
- Mingsong
-
Affected packages
Packagist:https://packages.drupal.org/8 / drupal/symfony_mailer_lite
Package
- Name
- drupal/symfony_mailer_lite
- Purl
- pkg:composer/drupal/symfony_mailer_lite